tags:

views:

1851

answers:

21

I am great fan of open source technologies. I have seen lot of sites which offers pirated software's.My question is , Suppose If you are software developer and wants to sell your product and stop piracy of your products which are all the techniques or methods you use ?

Is there any standard software's or standard techniques available ?

The best example is Microsoft Windows WPA activation .

+1  A: 

The most effective anti-piracy check currently is probably a combination of several checks.

  1. Serial (most basic level, can also be uniquely tied with userid)
  2. Server authentication (requirements: Internet)
  3. Serials blacklist
  4. Frequent updates (to defeat hex hacks)

However, there are no 100% full-proof anti-piracy measures, and some users might get annoyed too at the security checks.

scoopdreams
Subscription based accounts help as well (though that might fall in the server authentication group)
Ivo Flipse
@caliban Glad to see you're back!
alex
@alex ;) never left, just didn't have time to breathe recently - work is killing me. :( good to see ya too, mate!
scoopdreams
+15  A: 

From StackOverflow

Make it easier to buy than to steal. If you put mounds of copy protection then it just makes the value of owning the real deal pretty low.

Use a simple activation key and assure customers that they can always get an activation key or re download the software if they ever lose theirs.

Any copy protection(aside from online-only components like multiplayer games and finance software that connects to your bank, etc.) you can just assume will be defeated. You want downloading your software illegally, at the very least, to be slightly harder than buying it.

I have a PC games that I've never opened, because there is so much copy protection junk on it that it's actually easier to download the fake version.

Grant
Hear, hear! I'm another one in the "buy a legal copy, then download the cracked version so I don't have to deal with disk-in-drive checks or similar bullshit" brigade. Intrusive anti-piracy schemes make the legal version *less valuable* than the pirated version, so people will prefer to use the pirated version even if the cost is the same. And the cost is rarely the same, seeing as the legal version is almost never given away for free.
Dave Sherohman
I've done the "buy and download" move myself. I suspect that one of the worse things a vendor can do is accustom its customers to downloading the cracked version. Somebody used to buying the legit version is likelier to continue to do so than somebody who just decides to skip the "buy" step.
David Thornley
You can often install the real thing and then download the cracked EXE rather than having to get the whole thing in a cracked version. I won't buy a game with a disk-in-the-drive check without verifying a no-CD crack exists.
Loren Pechtel
@David Thornley--there's also the problem that once the vendor drives someone to a warez site to deal with the DRM the have exposed the customer to the dark side where they might not have gone otherwise.
Loren Pechtel
+5  A: 

I find the best way to stop piracy is to be honest as a developer and admit it's a problem you cannot stop. Then, add a screen or something that pops out once or twice, not more; say that a lot of work has gone into creating the app and buying it would help the developers.

Seeing a screen like that has stopped me from pirating an app. Multiple safeguards (including serials and authentications) have not. Appeal to a persons good sense, don't nag them and especially don't make people that have bought it a nightmare (consider games and restrictive DRM that hurts everybody except pirates).

alex
One screen like that should be enough. 2 would just be annoying if I'd bought it.
Phoshi
No, no, only if it's **unregistered**. Ask the person trying it to buy it if he likes it; appeal to his common sense. Bring that up once or twice when he starts it; that's it. If he ignores the messages, never show them again. Just add **(unregistered)** to the app titlebar.
alex
Oh, right, my mistake. Free versions are another great deterrent to piracy, though may lower sales (would it balance out, though?)
Phoshi
Hard to tell, really. But I think it can work.
alex
@Phoshi: Free versions aren't just a deterrent to piracy, they're *advertising*. Assuming your software is halfway decent, they generally increase sales by letting people try before they buy. OTOH, if it's crap, then they let people see just how bad it is without paying you for the privilege, but I consider that a good thing too. Keeps you honest.
Dave Sherohman
Free versions do not deter piracy and do not help your bottom line even if they did. If somebody uses a free version instead of a pirated non-free version you still get no money from them. Free versions can be a great marketing tool, if used carefully. I blogged about this in the past: http://www.micro-isv.asia/2008/07/the-economics-of-free-lite-versions/
Jan Goyvaerts
I had a nag screen, the crackers removed it. The 'be a nice guy and they will leave you alone' method is completely ineffective.
Jeff McClintock
+2  A: 

At Techdirt they have plenty of discussions about this problem and similar ones. The general consensus is that all copy protection schemes will fail. Software is an infinitive product, which you can copy endlessly at no costs. So to make profit from software, you'll need to add something which has a limited supply, which is often just something physical.

Good ways to protect software is by adding a good manual on paper, preferably hard-covered. With software, the added value of having the installation on a CD can be enough already and works well for many inexpensive shareware. With music, a special collectors edition with a nice cover, case and additional souvenirs will also add to the value of the legal product. And games could get more popular to buy legally if every copy of the game came with a small statue of one of the main characters in the game.

Workshop Alex
+44  A: 

You shouldn't be looking at ways to stop piracy.

You cannot stop piracy.

It does not matter who you are or what you use. You think Microsoft haven't tried?

Instead:

  • Respect your customers and they will respect you.
  • Value your software fairly for what it is actually worth.
  • Remember that a pirated copy is not equivalent to a lost sale.
  • Remember that you are competing with 'free' versions of your own software.
  • DRM only has an impact on the paying customer, so find a balance.
  • A lot of people pirate because they do not see enough value in your product to make a purchase.

I'm sure I have missed a lot of decent ideas that developers can do to prevent piracy.

Look at: Answers here on how DRM cannot work.

Piracy is a part of life, there will always be that 5%-10% of people who will pirate no matter what.

Qwerty
"Value your software fairly for what it is actually worth." since value is subjective how are you going to come up with an objective (actual) worth?
Matthew Lock
I support this answer because given enough time and money ANY drm or security CAN be cracked.
Tony
@ Matthew Lock: Your right that value is subjective, and since this question is about generic software it makes it a lot harder to answer. What I'm basically saying is its all about balance, putting the 'right' price on your product is hard. But if you get it correct, you will see less piracy (it relates to dot point 6).
Qwerty
"You think Microsoft haven't tried?" It's harder for a big, well-known company to implement an effective DRM because they are a popular target. A smaller vendor doesn't need to try so hard and DRM can be quite effective. Just like CAPTCHAs-small unknown sites can use honeypots, but that would never work for Google.
mgroves
@ mgroves: I said Microsoft because the Windows activation was mentioned in the question. But on the other hand it could be a good example. MS have a lot more resources than many other groups, so if they cannot prevent piracy then what chance does a smaller group have? But yes, their size and reach in the world is unique (eg: market share) and thus are a larger target. But if a small vendor thinks their software wont get pirated because they are small, then that is tin foil hat thinking. That idea draws a parallel similar to the phrase 'security through obscurity'.
Qwerty
"a pirated copy is not equivalent to a lost sale". Yeah thieves keep telling me that, unfortunatly since the release of a crack for my software last month, sales have all but stopped. Only 1 sale in the last 3 weeks. We are stuck between a rock and a hard place.
Jeff McClintock
@Jeff, mgroves - World of Goo is a case study for this matter, especially in contrasting it to Ricochet. See http://2dboy.com/2008/11/13/90/ for 2D Boy's take on the situation, and for a link to Reflexive's take on the matter. Instead of explaining my position I'll let the facts speak for themselves.
michaelc
+7  A: 

The best way to stop piracy is to host your software online. That is, to make your software a web application. Nobody can pirate superuser.com or google docs because they don't physically have a copy of the software.

Another option would be to use a dongle. They're not fool proof, and determined hackers will find a way to circumvent to dongle code, but they work to stop casual copying.

Also - Companies like Microsoft don't like to admit it, but they actually quite like a bit of piracy. If somebody isn't going to pay for software, then Microsoft would prefer that you didn't pay for, but used, something they made instead of the alternative.

seanyboy
Hm, I'd like to up-vote the first paragraph and down-vote the second paragraph. Dongles are a right pain, although now that they can be USB dongles, I guess it's easier if you need more than one at a time.
Vatine
I would upvote if it wasn't for the dongle paragraph
hasen j
+5  A: 

The best DRM I've ever come across is steam, Valve's gaming digital distribution service.
To torrent a game, you'd go to your favourite tracker and click download (or so I've heard).
To get it from steam, you click on it and press buy, it then downloads very quickly.

That's the only DRM I've ever come across that's worked, simply because it's actually easier to buy than it is to pirate. Server auth doesn't work, it'd take a week at most for somebody dedicated to breaking it, or simply feeding it what it wants to see, or so on.

And, of course, if your DRM is strong enough to stop some pirates, you'll also be seriously inconveniencing real users - something no software developer should want.

Phoshi
It is easier to buy from steam and they offer you a lot of extra services for free (servers to play on). If they catch you with modified binary files (if you modified the game executable to cheat) your account is automatically deleted. Harsh, but fair.
alex
That's true, but online games where people cheat are no fun (though cheats could be enabled on the server and stuff done like that, if it's a source game, I guess)
Phoshi
As I said, I find it fair that cheaters are banned. The rules are clearly outlined.
alex
You can pirate games that are on steam... Not that I have. My steam account has too many games to get banned. That would suck.
Tony
Oh, you can, but my point was it's literally easier to buy them - the only antipiracy method that works, imo.
Phoshi
@Alex what happens if your .EXE is unwittingly modified--a virus?
Loren Pechtel
Agree, and sadly this maybe the reason why AppStore and probably Mac AppStore are so succesful
nanda
+1  A: 

Make software worth buying.

Thomas
A: 

Let's put it this way. You can't stop greed and desire to have things for free and hence there is no way we can stop piracy. You create one method of anti-piracy and few talented minds will come up with something to break it. All older windows versions got cracked and almost every software which has setup on official site is on radar of crackers. So it will be hacked f not now will later. Even if open source software exist, people don't take pain to donate to them. They care for free things, how it takes to create software, how much time and money goes to create things is ignored.

This topic comes under social engineering for me. How to understand people and make them pay for products you create. Soon we'll have to find more ways to make money for software/website etc. Internet ads and technical support revenue will not earn much development funds and it'll be hard to keep company alive. So we need to educate people about "if they're using something for free or even pirated they need to understand why they should pay for things, Why they should donate if they're using open source". Not easy job, but if few people understand this will help lot of software companies and open source projects.

Mahesh
+1  A: 

I believe the first thing is to decide what you want to do. Are you there to prevent piracy, or to make sales? You can take measures to reduce piracy that also reduce sales, but that's usually a bad idea. Remember that most people who pirate your software wouldn't buy it already, since most pirates grab a lot more stuff than they could actually pay for.

The second thing is to remember that any copy protection can be broken. You can make it difficult to break, but in doing so you're running the risk of making it hard for your legitimate customers to use your software, and that will likely reduce your sales and customer satisfaction anyway.

It used to be that there was value in making software hard for the individual to copy, without worrying about experts, but given the ease of finding warez sites I don't know that that applies anymore.

If you're selling something that's at least partly an Internet service, you've got it made. Blizzard doesn't care who copies its client software, because to do anything useful the user has to pay for a World of Warcraft account along with subscription fees.

Otherwise, you want to try to make the legitimate product at least as attractive, preferably more attractive, than a pirate version. I suspect that if I were to pirate copies of some of the movies I've bought, they wouldn't force me to play several previews (which get way out of date) and some mandatory warnings before I could get to the movie. That's one of the things that will drive people to piracy. The more honest will buy the product and pirate the better version, but it's not too far from that to skipping they "buy" step.

If you can offer little web services for legitimate users, that's good. If you can offer something physically attractive or useful with legitimate purchases, that's good. Offering anything physical can work: I prefer to buy music for my iPhone as CDs rather than through the iTunes store, all things being equal.

The key here is to provide a reason besides legality why I'd want to buy the software from you rather than find a download somewhere. Most people are more or less honest, and providing them with a reason to buy rather than just grab will encourage them to buy. Also, don't provide people with a reason to pirate your software rather than buy it. If you push a person into buying and pirating, it's a short step to just pirating the next thing. Even if they don't, they may become resentful of the copy protection and either just not get the software or pirate it.

David Thornley
A: 

Some software editors make money on hardware running their software or on services around their software. They don't bother protecting their software against piracy.

mouviciel
+1  A: 

None of you answered his question!

I guess he wasn't looking for a lecture about a better world, but specifically about techniques (with code preferably) available to stop software piracy, even if they ultimately work or not.

By the way, I am investigating this too and came by SF thinking I would get lots of ideas about it, but alas...

Dexter
...but, alas, the attempt is futile. Which many of the answers have mentioned, with at least one including a link to a more detailed discussion of *why* it's futile.
Dave Sherohman
+1  A: 

Take a look at Developing for Software Protection and Licensing for some ideas.

Disclaimer: I co-founded the company that wrote the paper produces the licensing solution plugged therein :-)

Duncan Bayne
+12  A: 
  1. You can't stop pirates.
  2. See 1

The only way to prevent pirating is making the whole system a service, such as a web service. If there is no code transferred, then there is no traditional way to unlock it (beyond meta-pirating, such as stealing logins, fake credit cards, etc)

Don't make your web service trivial - it can be emulated, or stubbed around. This includes all online activation schemes.

Yann Ramin
well you don't need to stop all pirates, just make it convineint enough for enough potential pirates not to be pirates.
hhafez
@hhafez: yes, "just" that... Which, so far, no one has really managed.
jalf
that's not true, there are many people who buy genuine versions of windows for example not because they really want to pay microsoft, just because it's more convenient to buy it instead of getting from bit torrent
hhafez
+16  A: 

Piracy is a social not a technical problem. You obfuscate your code so it can't easily be reverse-engineered but that's about it.

Look at the game industry that has spent billions on this, typically to have their protection cracked within weeks or even days.

Typically this results in a worse user experience for the legitimate copies than the pirated copies (eg Ubisoft's call-home feature stopped the game working when their servers went down). Go too extreme here and you risk turning legitimate customers into pirates.

People generally want to pay for things. Price things fairly and don't annoy them (eg limited installs) and you'll get viewed far more favourably. Better to be liked than hated.

cletus
+1: It is so true that DRM can often cause trouble to legitimate owners. I have even in the past used a crack on my legitimate copy just to overcome DRM issues that were troublesome.
galford13x
+1: it *is* a social issue, and nothing else. Period.
greyfade
+4  A: 

Any software protection you add will just be broken. Look at just about every game, application, operating system out on the market. They are all broken, it just takes time. The only way around that is providing it as a service, or behind a login (Like Steam)

webdestroya
A: 

A Navy Warship always works well. (Sorry I had to ; - )

Eric Anastas
+3  A: 

I don't mean to be rude, but from what you're saying, it seems like the typical pirate knows a lot more about this subject than you. It's going to be asymmetric warfare, with you on the losing side. For you to have any chance you need more than a suggestion from stackoverflow. You'll need to become expert in the subject and learn how to be a pirate yourself. But you'll have to be a better pirate than the pirates already out there. Can you do it? As they say, the best way to win is not to play at all.

If you want to get an idea of just how smart pirates are, here's the web site of a guy I met at a party one time.

Plus its not only that they know more or less than him, its the fact that its him (or the all the people developing security measurs) that costs a lot of money vs a pretty much unlimited number of people trying to break it. Its like those zombie movies, 5 people vs everybody :P (except in real life you would be eaten).
Francisco Noriega
@bangoker: It's worse than that. The crackers need to find only one weakness in order to win, and they can spend time working on a stationary target. At least in the movies you can react to what the zombies do.
David Thornley
+8  A: 

The only proven way to stop pirates is putting armed Israeli security personnel on your ship/program.

Itay Moav
Indeed, and Zohan isn't cheap!
galford13x
Probably because the Israelis have a lot of experience with doing piracy in international waters themselves.
Christian
@Christian We learned from the best (but on a small scale) the French, the British and the Americans. We are not to blame we do everything better and cause less casualties as the rest of the armies in the world do ;-)
Itay Moav
A: 

The problem with standard software and standard techniques for stopping piracy is that once the pirates figure out how to crack it, all applications using that software or that technique become trivial to crack.

My recommendation is to do as I did: roll your own licensing mechanism that is strong enough to keep honest people honest, but not so strong that it inconveniences honest people. WPA does not fit that bill.

Don't worry about the pirates. If they can't crack your software they'll just use a stolen credit card number or PayPal account to buy. Or they'll just crack your competitor's software and use that instead.

Focus on improving your product to make it worth buying and on improving your marketing to make more people aware you have something worth buying. What matters to your business is how many people buy. How many people steal is irrelevant (but you'll need a system to identify paying customers so pirates don't use your limited resources for tech support).

Jan Goyvaerts
A: 

Two thoughts on this subject.

Do you lock your door when you leave home? Thought so - even though you know that however arbitrarily strong you make that door and its locks there may be a guy out there with an RPG.... The point is to make it arbitrarily hard for people to hack your product - see the post above by the guy who was pirated and his sales stopped dead.

Second thought - do you go to your workshop and build your own lock when you want to secure a door? Thought not. The commercially available locks have been built by people who have spent years figuring out how to protect their locks against lockpickers, credit cards, bolt-cutters etc., and having them tested in the field by zillions of customers.

So take prudent measures to protect your business and use a commercial license manager.

Dominic